1. Install packages in whonix-14-ws template:
sudo apt-get install openjdk-8-jdk git-core gnupg flex bison gperf build-essential zip curl zlib1g-dev gcc-multilib g++-multilib libc6-dev-i386 lib32ncurses5-dev x11proto-core-dev libx11-dev lib32z-dev libgl1-mesa-dev libxml2-utils xsltproc unzip gettext python-pip libyaml-dev dosfstools syslinux syslinux-utils xorriso mtools makebootfat lunzip
2. Create builder AppVM based on whonix-14-ws in which you'll build android-x86:
You'll need 120GB for android-x86 sources and temp build files and 30GB for swap.
Extend private storage size to 160GB via GUI or in dom0:
qvm-volume extend android-builder:private 160g
Add 30GB swap in builder VM:
sudo dd if=/dev/zero of=/rw/swapfile bs=1024 count=31457280
sudo chown root:root /rw/swapfile
sudo chmod 0600 /rw/swapfile
sudo mkswap /rw/swapfile
sudo swapon /rw/swapfile
In builder VM run:
sudo ln -s /sbin/mkdosfs /usr/local/bin/mkdosfs
sudo pip install prettytable Mako pyaml dateutils --upgrade
export _JAVA_OPTIONS="-Xmx8G"
echo 'export _JAVA_OPTIONS="-Xmx8G"' >> ~/.profile
echo "sudo swapon /rw/swapfile" >> /rw/config/rc.local
Download android-x86 sources:
mkdir android-x86
cd android-x86
curl https://storage.googleapis.com/git-repo-downloads/repo > repo
chmod a+x repo
sudo install repo /usr/local/bin
rm repo
git config --global user.name "Your Name"
git config --global user.email "y...@example.com"
repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b android-x86-7.1-r2
To add GAPPS to your build you need to add the build system, and the wanted sources to your manifest.
Edit .repo/manifests/default.xml and add the following towards the end:
<remote name="opengapps" fetch="https://github.com/opengapps/" />
<project path="vendor/opengapps/build" name="aosp_build" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/all" name="all" clone-depth="1" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/x86" name="x86" clone-depth="1" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/x86_64" name="x86_64" clone-depth="1" revision="master" remote="opengapps" />
Download sources:
repo sync --no-tags --no-clone-bundle --force-sync -j$( nproc --all )
If you choose to add GAPPS, then edit file device/generic/common/device.mk and add at the beginning:
#OpenGAPPS
GAPPS_VARIANT := pico
GAPPS_PRODUCT_PACKAGES += Chrome \
KeyboardGoogle \
LatinImeGoogle \
GoogleTTS \
YouTube \
PixelIcons \
PixelLauncher \
Wallpapers \
PixelLauncherIcons \
WebViewGoogle \
GoogleServicesFramework \
GoogleLoginService \
GAPPS_FORCE_BROWSER_OVERRIDES := true
GAPPS_FORCE_PACKAGE_OVERRIDES := true
GAPPS_EXCLUDED_PACKAGES := FaceLock \
AndroidPlatformServices \
PrebuiltGmsCoreInstantApps \
And at the end add:
#OpenGAPPS
$(call inherit-product, vendor/opengapps/build/opengapps-packages.mk)
Edit android-x86 sources for XEN compatibility:
sed -i -e 's|/sys/block/\[shv\]d\[a-z\]|/sys/block/\[shv\]d\[a-z\] /sys/block/xvd\[a-z\]|g' bootable/newinstaller/install/scripts/1-install
sed -i -e 's|/sys/block/\[shv\]d\$h/\$1|/sys/block/\[shv\]d\$h/\$1 /sys/block/xvd\$h/\$1|g' bootable/newinstaller/install/scripts/1-install
sed -i -e 's|hmnsv|hmnsvx|g' bootable/newinstaller/initrd/init
Edit android-x86 sources for Debian build environment:
sed -i -e 's|genisoimage|xorriso -as mkisofs|g' bootable/newinstaller/Android.mk
Configure build target:
. build/envsetup.sh
lunch android_x86_64-eng
Configure kernel:
make -C kernel O=$OUT/obj/kernel ARCH=x86 menuconfig
You need to edit these parameters:
XEN=yes
XEN_BLKDEV_BACKEND=yes
XEN_BLKDEV_FRONTEND=yes
XEN_NETDEV_BACKEND=no
XEN_NETDEV_FRONTEND=no
SECURITY_SELINUX_BOOTPARAM=yes
SECURITY_SELINUX_BOOTPARAM_VALUE=1
SECURITY_SELINUX_DISABLE=yes
DEFAULT_SECURITY_SELINUX=yes
The kernel config will be in out/target/product/x86_64/obj/kernel/.config
Also, you can edit the config to set the device type from tablet to phone.
Edit device/generic/common/device.mk and change PRODUCT_CHARACTERISTICS from tablet to default:
PRODUCT_CHARACTERISTICS := default
Start the build:
m -j$( nproc --all ) iso_img
After you got the iso, create the android network VM. If you choose the android VM's netvm as sys-whonix directly, the network won't work. You need to have intermediate netvm between android VM and sys-whonix. Create new AppVM sys-android based on fedora template with netvm sys-whonix and set "provides network".
Create android VM in dom0:
qvm-create --class StandaloneVM --label green --property virt_mode=hvm android
qvm-prefs android kernel ''
qvm-prefs android 'sys-android'
qvm-prefs android memory '2048'
qvm-prefs android maxmem '2048'
qvm-volume extend android:root 20g
Start the android VM with iso:
qvm-start android --cdrom=android-builder:/home/user/android-x86/out/target/product/x86_64/android_x86_64.iso
Install android-x86 on xvda and reboot.
Start android VM without iso:
qvm-start android
When it'll start, kill the VM and wait for it to halt.
Configure android VM to use the mouse in dom0:
sudo mkdir -p /etc/qubes/templates/libvirt/xen/by-name/
sudo cp /etc/libvirt/libxl/android.xml /etc/qubes/templates/libvirt/xen/by-name/android.xml
sudo sed -i -e 's/tablet/mouse/g' /etc/qubes/templates/libvirt/xen/by-name/android.xml
Start android VM without iso and it should work fine:
qvm-start android
Do you mind sharing the resulting images for testing? I'll have hard time compiling this myself on old Core m3/8Gb machine...
You can try this image, but I advise to build your own image for security reasons:
https://drive.google.com/open?id=1KGDRe9iJgjb3nSBjFlK74Sa_nn08qYiq
Thank Alex! Does not boot for me, vm halts after "Probing EDD" :(
That was the whole point of trying pre-built image (despite security implications) - your iso saved me quite a few hours of compiling.
You are right, the issue was due to missing `qvm-prefs android kernel ''`.
Everything works fine now, if we can call fine inability to change screen resolution, absence of sound and file exchange and semi-defunct mouse.
Let me just start by saying a massive thank you. This guide has been great. I have used it for the 8.1 - Oreo - which was just changing:
'repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b android-x86-7.1-r2' to 'repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b oreo-x86.'
With 8.1, mouse support comes out the box and completing the last part of the guide actually makes the mouse worse in Oreo. So, disregard that part anyone following this guide for 8.1. You can change resolution by affixing 'vga=ask' and choosing your desired resolution (https://groups.google.com/forum/#!topic/qubes-users/KZm8aGJuiO0).
I have come across one issue, and I am wondering if you could help me. Android has installed great, and loads up fine. However, I simply cannot open the Settings app, as it crashes every single time. Others who have encountered this issue modified it using adb (https://stackoverflow.com/questions/3480201/how-do-you-install-an-apk-file-in-the-android-emulator?rq=1), but I don't know how to do this with a Qubes HVM. Any help with this?
Thanks in advance :)
You can use adb via network:
Create tmpvm with adb.
Select Networking vm for tmpvm with adb to sys-android.
Select Networking vm for Android VM to sys-android.
In sys-android run:
sudo nft add rule ip qubes-firewall forward meta iifname eth0 accept
sudo iptables -I FORWARD 2 -i vif+ -s 10.137.0.0/24 -d 10.137.0.0/24 -p tcp -m conntrack --ctstate NEW -j ACCEPT
In android terminal run:
su
setprop service.adb.tcp.port 5555
stop adbd
start adbd
In tmpvm witd adb run:
adb connect 10.137.0.xx:5555
Where 10.137.0.xx - android IP
And then run your commands.
Hi Alex, good to hear from you again.
Been pulling my hair out trying to get Android working. It installs great, but i can't open settings at all, so can't even do anything with the OS.
Have you had success with Oreo?
I'll try your adb steps.
I've successfully build android-x86 7.1-r2 with gapps in whonix-14-ws AppVM.
(...)
Okay, adb works perfectly with your method. Thank you!
However, my settings is still broken after clearing the data of com.android.settings. I do wonder if this is part of a bigger problem, as the google play store says checking for info.. then the screen turns black. I didn't see any issues when compiling the iso, so not sure what's going on.
Think my issue might be because 'No WebView installed'? Can't open up playstore as it fails to load webview provider.
On Saturday, December 1, 2018 at 5:47:52 AM UTC, alex.b...@gmail.com wrote:
> [...]
> Do you mind sharing the resulting images for testing? I'll have hard time compiling this myself on old Core m3/8Gb machine...
You can try this image, but I advise to build your own image for security reasons:
https://drive.google.com/open?id=1KGDRe9iJgjb3nSBjFlK74Sa_nn08qYiq
Hi, please note that Alex's guide was created just before Android-x86 Oreo was released. If you change 'repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b android-x86-7.1-r2' to 'repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b oreo-x86', you'll have no mouse issues. Just rememeber not to do Alex's steps on fixing the mouse if you do, as you'll just recreate the mouse problem.
When you rebooted the appvm, and shut down the builder VM, the iso should have detached from the android appvm. Reboot Qubes if it hasn't.
I've been changing resolution by affixing 'vga=(desired resolution code)' to the end of the kernel. You can type vga=ask to get a list of resolution codes. You do this by pressing 'e' when you get the boot options, and then 'e' again. It will look something like 'kernel /android-2019-02-18/kernelvga=ask quiet etc, etc'.
(...)
Hi, please note that Alex's guide was created just before Android-x86 Oreo was released. If you change 'repo init -u git://git.osdn.net/gitro,ot/android-x86/manifest -b android-x86-7.1-r2' to 'repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b oreo-x86', you'll have no mouse issues. Just rememeber not to do Alex's steps on fixing the mouse if you do, as you'll just recreate the mouse problem.
When you rebooted the appvm, and shut down the builder VM, the iso should have detached from the android appvm. Reboot Qubes if it hasn't.
I've been changing resolution by affixing 'vga=(desired resolution code)' to the end of the kernel. You can type vga=ask to get a list of resolution codes.
When I put the command
Download sources:
repo sync --no-tags --no-clone-bundle --force-sync -j$( nproc --all )
and when it show this:
From git://git.osdn.net/gitroot/android-x86/platform/frameworks/av
* [new branch] nougat-x86 -> x86/nougat-x86
Fetching project platform/external/android-clat
remote: Counting objects: 1, done
remote: Finding sources: 100% (793/793)
remote: Total 793 (delta 244), reused 793 (delta 244)
Receiving objects: 100% (793/793), 517.38 KiB | 0 bytes/s, done.
Resolving deltas: 100% (244/244), done.
From https://android.googlesource.com/platform/external/android-clat
* [new tag] android-7.1.2_r36 -> android-7.1.2_r36
I got nothing, I mean it's look like freeze.
Did you try to remove downloaded repo and sync it again from scratch? The OpenGAPPS repo changed, see below, maybe it's somehow related.
I'd recommend to build Android 8 release, the mouse works fine there. Also the Settings bug is fixed if you use userdebug build variant instead of eng.
The guide in the same as in first post except:
Android 8 will take 211GB to build. I've build it with 32GB RAM without swap, maybe it'll work with less RAM.
repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b oreo-x86 -m android-x86-8.1-r1.xml
instead of
repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b android-x86-7.1-r2
<remote name="opengapps" fetch="https://github.com/opengapps/" />
<remote name="nezor" fetch="https://gitlab.nezorfla.me/opengapps/" />
<project path="vendor/opengapps/build" name="aosp_build" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/all" name="all" clone-depth="1" revision="master" remote="nezor" />
<project path="vendor/opengapps/sources/x86" name="x86" clone-depth="1" revision="master" remote="nezor" />
<project path="vendor/opengapps/sources/x86_64" name="x86_64" clone-depth="1" revision="master" remote="nezor" />
instead of
<remote name="opengapps" fetch="https://github.com/opengapps/" />
<project path="vendor/opengapps/build" name="aosp_build" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/all" name="all" clone-depth="1" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/x86" name="x86" clone-depth="1" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/x86_64" name="x86_64" clone-depth="1" revision="master" remote="opengapps" />
lunch android_x86_64-userdebug
instead of
lunch android_x86_64-eng
/usr/bin/make -C kernel O=$OUT/obj/kernel ARCH=x86_64 menuconfig
instead of
make -C kernel O=$OUT/obj/kernel ARCH=x86_64 menuconfig
I've uploaded the working Android 8.1 iso for those who need it for a test, but I don't recommend to use it for security reasons and it's better to build the iso yourself:
https://drive.google.com/open?id=1Y4P77mlPPlXBzYrJ5yHJ7XM6gLVsQQm0
md5sum android_x86_64-oreo-nogapps.iso
b3af7a84820dd9fb32dd40c68f285993 android_x86_64-oreo-nogapps.iso
sha1sum android_x86_64-oreo-nogapps.iso
16e9bcf0da44929b223fc2ab1df97de0df26d9fb android_x86_64-oreo-nogapps.iso
sha256sum
sha256sum android_x86_64-oreo-nogapps.iso
b7d9aa5f9c401202ea24b63e95bb0f38d1f981381a719257c1a2f526e0cf636f android_x86_64-oreo-nogapps.iso
sha512sum android_x86_64-oreo-nogapps.iso
16f2666a20499f31472fc933a670c47070e0db14686b605b69254d054dcc63893b564e5a35e84e1daf7b7fd80f955a2834956a1bb029e93563b7d8c44787666b android_x86_64-oreo-nogapps.iso
End-of-central-directory signature not found. Either this file is not a zipfile, or it constitutes one disk of a multi-part archive. In the latter case the central directory and zipfile comment will be found on the last disk(s) of this archive.
Unable to open 'out/target/product/x86_64/obj/APPS/PixelLauncherIcons_intermediates/package.apk' for verification
# Create a builder AppVM based on whonix-14-ws or Debian in which you'll build android-x86.# You'll need 120GB for android-x86 sources and temp build files and 30GB for swap.# Extend private storage size to 160GB via GUI or in dom0:
qvm-volume extend android-builder:private 160g
# Add 30GB swap in builder VM:sudo fallocate -l 30G /tmp/swapfilesudo chmod 0600 /tmp/swapfile sudo mkswap /tmp/swapfile sudo swapon /tmp/swapfile
# Add the following repository to /etc/apt/sources.list (openjdk-8 is required, but it is not available under Debian 10):
# deb https://deb.debian.org/debian sid main
# Install packages in whonix-14-ws (or Debian) template:sudo apt-get updatesudo apt-get install openjdk-8-jdk gnupg flex bison gperf build-essential zip zlib1g-dev gcc-multilib g++-multilib libc6-dev-i386 lib32ncurses5-dev x11proto-core-dev libx11-dev lib32z-dev libgl1-mesa-dev libxml2-utils xsltproc unzip gettext libyaml-dev dosfstools syslinux syslinux-utils xorriso mtools makebootfat lunzip git-core curl python-pip libssl-dev bc libelf-dev git-lfs python-pip git-core curl clang libncurses5 libncurses5-dev
# In builder VM run:
sudo ln -s /sbin/mkdosfs /usr/local/bin/mkdosfssudo pip install prettytable Mako pyaml dateutils --upgradeexport _JAVA_OPTIONS="-Xmx8G"echo 'export _JAVA_OPTIONS="-Xmx8G"' >> ~/.profile
echo "sudo swapon /tmp/swapfile" >> /rw/config/rc.local
# Download android-x86 sources:
mkdir android-x86cd android-x86chmod a+x reposudo install repo /usr/local/binrm repogit config --global user.name "Your Name"
git config --global user.email "ro...@example.com"
repo init -u git://git.osdn.net/gitroot/android-x86/manifest -b oreo-x86 -m android-x86-8.1-r1.xml
# To add GAPPS to your build you need to add the build system, and the wanted sources to your manifest.# Edit .repo/manifests/android-x86-8.1-r1.xml and add the following towards the end:
<remote name="opengapps" fetch="https://github.com/opengapps/" />
<remote name="gitlab" fetch="https://gitlab.opengapps.org/opengapps/" />
<project path="vendor/opengapps/build" name="aosp_build" revision="master" remote="opengapps" />
<project path="vendor/opengapps/sources/all" name="all" clone-depth="1" revision="master" remote="gitlab" /><!-- arm64 depends on arm --><project path="vendor/opengapps/sources/arm" name="arm" clone-depth="1" revision="master" remote="gitlab" /><project path="vendor/opengapps/sources/arm64" name="arm64" clone-depth="1" revision="master" remote="gitlab" /><project path="vendor/opengapps/sources/x86" name="x86" clone-depth="1" revision="master" remote="gitlab" /><project path="vendor/opengapps/sources/x86_64" name="x86_64" clone-depth="1" revision="master" remote="gitlab" />
# Download sources:
repo sync --no-tags --no-clone-bundle --force-sync -j$( nproc --all )
# If you choose to add GAPPS, then edit file device/generic/common/device.mk and add at the beginning:
#OpenGAPPS
GAPPS_VARIANT := pico
GAPPS_PRODUCT_PACKAGES += Chrome \ KeyboardGoogle \ LatinImeGoogle \ GoogleTTS \ YouTube \ PixelIcons \ PixelLauncher \ Wallpapers \ PixelLauncherIcons \ WebViewGoogle \ GoogleServicesFramework \ GoogleLoginService \
GAPPS_FORCE_BROWSER_OVERRIDES := trueGAPPS_FORCE_PACKAGE_OVERRIDES := true
GAPPS_EXCLUDED_PACKAGES := FaceLock \ AndroidPlatformServices \ PrebuiltGmsCoreInstantApps \
# And at the end add:#OpenGAPPS$(call inherit-product, vendor/opengapps/build/opengapps-packages.mk)
# OpenGapps changed their repo to require git-lfs. There may be a better way to do this, but if you're building with GApps, this gets the right files. It takes awhile:
cd vendor
rm -r opengapps
git clone https://github.com/opengapps/opengapps.git
cd opengapps
git lfs install
./download_sources.sh --shallow x86_64
cd ../../
# Edit android-x86 sources for XEN compatibility:
sed -i -e 's|/sys/block/\[shv\]d\[a-z\]|/sys/block/\[shv\]d\[a-z\] /sys/block/xvd\[a-z\]|g' bootable/newinstaller/install/scripts/1-installsed -i -e 's|/sys/block/\[shv\]d\$h/\$1|/sys/block/\[shv\]d\$h/\$1 /sys/block/xvd\$h/\$1|g' bootable/newinstaller/install/scripts/1-installsed -i -e 's|hmnsv|hmnsvx|g' bootable/newinstaller/initrd/init
# Edit android-x86 sources for Debian build environment:
sed -i -e 's|genisoimage|xorriso -as mkisofs|g' bootable/newinstaller/Android.mk
# Configure build target:. build/envsetup.shlunch android_x86_64-userdebug
# Configure kernel:
/usr/bin/make -C kernel O=$OUT/obj/kernel ARCH=x86_64 menuconfig
# You need to edit these parameters:
XEN=yesXEN_BLKDEV_BACKEND=yesXEN_BLKDEV_FRONTEND=yesXEN_NETDEV_BACKEND=noXEN_NETDEV_FRONTEND=noSECURITY_SELINUX_BOOTPARAM=yesSECURITY_SELINUX_BOOTPARAM_VALUE=1SECURITY_SELINUX_DISABLE=yesDEFAULT_SECURITY_SELINUX=yes
# The kernel config will be in out/target/product/x86_64/obj/kernel/.config
# Also, you can edit the config to set the device type from tablet to phone.# Edit device/generic/common/device.mk and change PRODUCT_CHARACTERISTICS from tablet to default:PRODUCT_CHARACTERISTICS := default
# Start the build:make -j$( nproc --all ) iso_img
# After you got the iso, create the android network VM. If you choose the android VM's netvm as sys-whonix directly, the network won't work. You need to have intermediate netvm between android VM and sys-whonix. Create new AppVM sys-android based on fedora template with netvm sys-whonix and set "provides network".
# Create android VM in dom0:
qvm-create --class StandaloneVM --label green --property virt_mode=hvm androidqvm-prefs android kernel ''qvm-prefs android 'sys-android'qvm-prefs android memory '2048'qvm-prefs android maxmem '2048'qvm-volume extend android:root 20g
# Start the android VM with iso:qvm-start android --cdrom=android-builder:/home/user/android-x86/out/target/product/x86_64/android_x86_64.iso
# Install android-x86 on xvda and reboot.# Start android VM without iso:
qvm-start android
# When it'll start, kill the VM and wait for it to halt.# Configure android VM to use the mouse in dom0:
sudo mkdir -p /etc/qubes/templates/libvirt/xen/by-name/sudo cp /etc/libvirt/libxl/android.xml /etc/qubes/templates/libvirt/xen/by-name/android.xmlsudo sed -i -e 's/tablet/mouse/g' /etc/qubes/templates/libvirt/xen/by-name/android.xml
# Start android VM without iso and it should work fine:qvm-start android
.
# Configure kernel:/usr/bin/make -C kernel O=$OUT/obj/kernel ARCH=x86_64 menuconfig# You need to edit these parameters:XEN=yesXEN_BLKDEV_BACKEND=yesXEN_BLKDEV_FRONTEND=yesXEN_NETDEV_BACKEND=noXEN_NETDEV_FRONTEND=noSECURITY_SELINUX_BOOTPARAM=yesSECURITY_SELINUX_BOOTPARAM_VALUE=1SECURITY_SELINUX_DISABLE=yesDEFAULT_SECURITY_SELINUX=yes# The kernel config will be in out/target/product/x86_64/obj/kernel/.config# Also, you can edit the config to set the device type from tablet to phone.# Edit device/generic/common/device.mk and change PRODUCT_CHARACTERISTICS from tablet to default:PRODUCT_CHARACTERISTICS := default# Start the build:make -j$( nproc --all ) iso_img